The Hacker News

Google Attributes Axios npm Supply Chain Attack to North Korean Group UNC1069

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, ...

Malware on npm: HTTP client axios loads backdoor for Windows, macOS, and Linux

The maintainer account for the axios package on npm was compromised to inject a remote access trojan for Windows, macOS, and ...

'Hundreds of thousands of stolen secrets could potentially be circulating as a result of ...

It is exactly this backdoor that had Google conclude this was a North Korea-sponsored campaign. GTIG said WAVESHAPER.V2 is an ...
OSTechNix

20 Vim Tricks That Will Change How You Edit

Stop editing at 10% of Vim's power. Master registers, :norm, fuzzy completion, linematch diff, and 16 more Vim tricks. Tested ...
TechLila

Homebrew Statistics 2026: Latest Data Insights

Explore Homebrew Statistics to uncover key usage trends, installs, and growth insights that help developers make smarter ...
SecurityWeek

New DeepLoad Malware Dropped in ClickFix Attacks

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...
Computing

Hackers compromise Axios, one of the most widely used software libraries

Axios is published and maintained on npm, the default package registry for JavaScript and Node.js projects. It is used to ...

Claude AI finds Vim, Emacs RCE bugs that trigger on file open

Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow ...
OSTechNix

SolveSpace: Open Source CAD That Runs Fully Offline in Your Browser

SolveSpace is a free, open-source CAD tool that fits in 1MB, with a full 3D solver, parametric sketching, and a browser-based ...

Apple turns 50 today and even this PC gamer can admit its silicon is a bit of a beast

I'm celebrating Apple's 50th by being nice about it for once.
Analytics Insight

Axios Supply Chain Attack Exposes Crypto Wallets to Hidden Malware Risk

Axios, a widely used JavaScript HTTP client, was briefly distributed through npm in two malicious versions after a maintainer account was taken over. Security r ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...